gshsec(8)
NAME
gshsec - control utility for shared secret devices
SYNOPSIS
gshsec label [-hv] name prov prov ... gshsec stop [-fv] name ... gshsec clear [-v] prov ... gshsec dump prov ... gshsec list gshsec status gshsec load gshsec unload
DESCRIPTION
- The gshsec utility is used for setting up a device which
- contains a
shared secret. The secret is shared between the given - providers. To
collect the secret, all providers are needed. If one of the - components
is missing, there is no way to get any useful data from the - rest of them.
The first argument to gshsec indicates an action to be per - formed:
- label Set up a shared secret device from the given
- components with
- the specified name. Metadata are stored in the
- last sector
of every component. - stop Turn off an existing shared secret device by
- its name. This
- command does not touch on-disk metadata!
- clear Clear metadata on the given providers.
- dump Dump metadata stored on the given providers.
- list See geom(8).
- status See geom(8).
- load See geom(8).
- unload See geom(8).
- Additional options:
- -f Force the removal of the specified shared secret de
- vice.
- -h Hardcode providers' names in metadata.
- -v Be more verbose.
EXIT STATUS
Exit status is 0 on success, and 1 if the command fails.
EXAMPLES
- The following example shows how to create a shared secret
- device. The
secret will be split between a slice on a local disk and a - USB Pen drive.
gshsec label -v secret /dev/ad0s1 /dev/da0
newfs /dev/shsec/secret- From now on, when the USB Pen drive is inserted, it will be
- automatically
detected and connected, making the secret available via the
/dev/shsec/secret device.
SEE ALSO
geom(4), gbde(8), geom(8), newfs(8)
HISTORY
The gshsec utility appeared in FreeBSD 5.4.
AUTHORS
- Pawel Jakub Dawidek <pjd@FreeBSD.org>
- BSD January 8, 2005